package com.satan.config.security;

import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 * @ClassName SecurityConfig
 * @Description TODO
 * @date 2023/10/3 21:30
 * @Version 1.0
 */
@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig {
    @Value("${url_white_list}")
    private String[] url_white_list;
    private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
    private final LoginSuccessHandler loginSuccessHandler;
    private final LoginFailureHandler loginFailureHandler;
    private final LogoutSuccessHandler logoutSuccessHandler;
    private final UserDetailsService myUserDetailService;
    private final AuthenticationProvider authenticationProvider;
    private final AuthenticationManager authenticationManager;
    private final JwtAuthenticationFilter jwtAuthenticationFilter;
    private final JsonAuthenticationFilter jsonAuthenticationFilter;

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        //开启跨域及csrf攻击关闭
        http.csrf(c -> {
            c.disable();
        });
        //登录、登出配置
        http.formLogin(f -> {
            f.loginProcessingUrl("/user/login");
            f.successHandler(loginSuccessHandler);
            f.failureHandler(loginFailureHandler);
        });
        http.logout(l -> {
            l.logoutSuccessHandler(logoutSuccessHandler);
            l.logoutUrl("/user/logout");
        });
        //自定义过滤器配置
        http.addFilterBefore(jsonAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        //设置userDetailService
//        http.userDetailsService(myUserDetailService);
        http.authenticationProvider(authenticationProvider);
        //session禁用配置
        http.sessionManagement(s -> {
            s.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        });
        //拦截规则配置
        http.authorizeHttpRequests(a -> {
            a.requestMatchers(url_white_list).permitAll();
            a.anyRequest().authenticated();
        });
        //异常处理配置
        http.exceptionHandling(e -> {
            e.authenticationEntryPoint(jwtAuthenticationEntryPoint);
        });
        return http.build();

    }
}
